JIANG Zheng-wei, WU Xi-hong, YANG Pei-an, LIU Bao-xu
The cloud computing service level agreement often only focuses on performance while seldom emphasizes security parameters. Besides, customers are confused by several suppliers in cloud computing market. Therefore, cloud computing Security Service Level Agreement(SecSLA) with detailed indexes is put forward and an improved ELECTRE method is introduced to the cloud provider selection process. Goal-Question-Metric method is employed to form 50 bottom evaluation indexes for SecSLA. The modified ELECTRE method combines the value of net advantage and net disadvantage to simplify the decision process.The calculation and analysis of instance prove the following aspects: the proposed SecSLA has a relatively comprehensive coverage of the cloud computing assessment factors, such as incident handling, vulnerability and patch management,compliance and availability; the suggested method eliminates the redundancy and dependence on experience of ELECTRE II, which makes the realization of automatic process easier. The final evaluation order conforms to the result of ELECTRE II, gray correlation method and TOPSIS method, which indicates that the designed method can play a guiding role in the selection of cloud service provider.